Analyze codebases to recommend AWS services and architectures, estimate deployment costs, generate secure IaC using CDK/CloudFormation/Terraform, deploy applications, and export validated diagrams as editable draw.io XML with official icons.

Build, deploy, manage, and optimize full-stack AWS applications and infrastructure: author IaC via CDK/CloudFormation in TypeScript/Python, deploy serverless (Lambda/API Gateway/Amplify) and containers (ECS/Fargate), integrate SDK patterns (JS/TS/Python/Swift), monitor costs/observability, secure IAM, stream data (SQS/Kinesis), and develop GenAI on Bedrock.

Automate GRC engineering workflows: map IaC (Terraform, Kubernetes, CloudFormation) to compliance controls (SOC2, NIST, ISO27001), generate policy-as-code (Rego, Sentinel, Checkov), collect audit evidence from AWS/Azure/GCP/K8s via scripts, scan IaC/PRs for violations with fixes, test control effectiveness, resolve framework conflicts, and transform risks into Jira tickets.

Assess SOC 2 Type I/II audit readiness for cloud environments, identify control gaps across Trust Service Criteria, generate remediation Infrastructure as Code in Terraform or CloudFormation, produce evidence checklists and matrices, map controls from documents or IaC, and compile auditor-ready packages with AWS evidence collection.

Scaffold Nx workspaces and generate AWS cloud-native apps, including TypeScript/Python backends, React frontends, tRPC APIs, Lambda functions, and infrastructure via CDK or Terraform.

Query Orca Security to triage alerts with blast radius and timelines, profile cloud assets for risks exposure compliance DSPM IAM and costs, trace issues to IaC deployers origins, map attack surfaces, assess remediation impacts, and receive daily briefings across AWS GCP Azure.

Automate Claude Code dev workflows by ingesting Git repos into LLM-optimized texts for analysis, auditing repos and MCP servers for security before install, managing Python venvs, tracking Anthropic API costs, provisioning pre-configured AWS EC2 instances, maintaining DEVLOG.md from git and chats, recapping sessions from history and todos, and creating plugin marketplaces.

Equip Claude Code with 36 AWS skills to build IaC with CDK/Terraform/CloudFormation/SAM, deploy serverless apps via Amplify/Bedrock, monitor CloudWatch/Datadog/Dynatrace, manage IAM/databases/messaging, audit security, migrate GCP-to-AWS, and run code reviews/agents for cloud workflows.

Automate full infrastructure lifecycles: generate IaC with Terraform, CDK, or CloudFormation for AWS; design CI/CD pipelines for GitHub Actions or GitLab; create idempotent Bash/Python scripts; orchestrate deployments with blue-green/canary strategies, rollbacks, health checks; implement GitOps using ArgoCD/Flux on Kubernetes.

Analyze codebase to discover IaC patterns and generate D2 diagrams of infrastructure and architecture, producing markdown docs, styled light/dark SVGs with animations, icons, and accessibility. Post-processes diagrams for GitHub, validates syntax/quality, and automates via hooks.

Audit AWS IaC code in Terraform, CloudFormation, and Pulumi against all six Well-Architected Framework pillars for security, reliability, performance efficiency, cost optimization, operational excellence, and sustainability. Scan JavaScript, TypeScript, Python, Java, and Go code for OWASP Top 10 2025 vulnerabilities, reporting severity, locations, risks, and fixes.

Design AWS and GCP infrastructure using Terraform and Ansible patterns, build data pipelines with dbt and SQLMesh, generate and manage RFCs plus technical specs in Markdown, and automate local dev setups including direnv, git worktrees, and port allocations for Docker services.

Automatically runs Infracost to estimate cloud costs for Terraform and CloudFormation IaC code in Claude Code sessions. Triggers on session-start events like startup, clear, or compact, delivering cost forecasts and breakdowns directly in your development workflow for FinOps-aware infrastructure coding.